Aqua Star: Ninth Circuit applies Authorized Entry Exclusion to Social Engineering Fraud Claim

By David S. Wilson, Chris McKibbin and Stuart Woody

On April 17, 2018, the Ninth Circuit Court of Appeals released its decision in Aqua Star (USA) Corp. v. Travelers Casualty and Surety Company of America, affirming the decision of the U.S. District Court for the Western District of Washington (see our July 19, 2016 post).  The decision offers guidance to fidelity insurers with respect to the application of the “authorized entry” exclusion found in the base wording of many commercial crime policies (sometimes referred to as the “authorized access” exclusion), and illustrates how this exclusion may operate in the context of a social engineering fraud loss.

The Facts

The insured, Aqua Star (USA) Corp. (“Aqua Star”), is a seafood importer that had a pre-existing relationship with a legitimate vendor, Longwei.  In the summer of 2013, Longwei’s computer system was hacked.  The hacker apparently monitored email exchanges between an Aqua Star employee and a Longwei employee before intercepting those email exchanges and using a “spoof” email domain to send fraudulent emails to the Aqua Star employee.  In the spoofed emails, the hacker directed the Aqua Star employee to change the bank account information Aqua Star had on record for Longwei for future wire transfer payments.

The Aqua Star employee inserted the revised banking information into Aqua Star’s computer system.  This revised information was then used to create wire instructions that were transmitted to Aqua Star’s bank, the Bank of America.  As a result, $713,890 was wired to the hacker’s account before the fraud came to light.

The Travelers Coverage

Aqua Star maintained a Wrap+ Crime Policy with Travelers.  The policy covered Aqua Star for its “direct loss of, or direct loss from damage to, Money, Securities, and Other Property directly caused by Computer Fraud”, as defined.  Travelers relied on Exclusion G to the policy, which provided that the policy:

will not apply to loss resulting directly or indirectly from the input of Electronic Data by a natural person having the authority to enter the Insured’s Computer System.

As a general observation, this type of exclusion is intended to reinforce the industry view that traditional commercial crime coverage is not intended to respond to social engineering fraud losses.  At present, social engineering fraud coverage is typically added to commercial crime policies by endorsement, with the endorsement providing that the exclusion in the base wording does not apply in respect of coverage afforded by the endorsement.  The intent is to reinforce that only social engineering fraud coverage, and not the traditional computer or funds transfer fraud coverages, responds to social engineering fraud losses.

The Decision

The District Court had granted Travelers’ summary judgment motion on the issue of whether Exclusion G applied to the loss.  The District Court rejected Aqua Star’s arguments that Exclusion G did not apply because: (i) Aqua Star had also entered data into the computer system of a third party, Bank of America; and, (ii) Exclusion G should be confined to circumstances in which a fraud is perpetrated by an authorized user of an insured’s computer system, such as an employee or legitimate customer.

In brief reasons, the Ninth Circuit affirmed the District Court’s grant of summary judgment, holding that:

Exclusion G unambiguously provides that the policy “will not apply to loss or damages resulting directly or indirectly from the input of Electronic Data by a natural person having the authority to enter the Insured’s Computer System….”  Aqua Star’s losses resulted from employees authorized to enter its computer system changing wiring information and sending four payments to a fraudster’s account.  These employees “ha[d] the authority to enter” Aqua Star’s system when they “input” Electronic Data, on Aqua Star computers, to change the wiring information and authorize the four wires.  Their conduct fits squarely within the Exclusion.  While other contractual exclusions may also bar coverage in this case, we need not go any further. 

Conclusion

The Ninth Circuit’s decision in Aqua Star provides a concise affirmation of the District Court’s detailed analysis of Exclusion G of the Travelers Wrap+ policy.  This case, along with numerous others such as Pestmaster (see our August 4, 2016 post) and InComm (see our March 22, 2017 post), reflects the intended boundary between social engineering fraud coverage and “traditional” computer fraud and funds transfer fraud coverages.  Courts have generally interpreted the computer fraud coverage as being intended to cover loss due to unauthorized hacking and payment instructions by third parties, not employees’ authorized entries of data or payment instructions induced by external fraud.

To address this perceived gap, insurers have introduced social engineering fraud endorsements to respond to the latter scenario.  Such coverage has been available in the United States since 2013 and in Canada since 2014.  The “authorized entry” exclusion reinforces the underwriting intent that the two coverages respond to different loss scenarios.  In our view, it is appropriate to keep this context in mind in assessing both the applicability of “authorized entry” exclusions and, more generally, the dividing line between social engineering fraud coverage and other coverages.

Aqua Star (USA) Corp. v. Travelers Casualty and Surety Company of America, 2018 WL 1804338 (9th Cir.)

Advertisements

Leave a comment

Filed under Authorized Access/Entry Exclusion, Social Engineering Fraud

Hudson Heritage: U.S. District Court dismisses Fraudulent Loans claim where Credit Union failed to plausibly plead Alteration of Original Documents of Title

By David S. Wilson and Chris McKibbin

On January 22, 2018, the U.S. District Court for the Southern District of New York released its decision in Hudson Heritage Federal Credit Union v. CUMIS Insurance Society, Inc., dismissing the insured credit union’s claim pursuant to Federal Rule 12(b)(6) for failure to state a claim upon which relief could be granted.

According to its amended complaint, the insured had granted several vehicle finance loans on the strength of photocopies or electronic copies of New York State Department of Motor Vehicles (“DMV”) title documents.  The copies received by the insured had been falsified to misrepresent the names of the owners/sellers.  The Court found that the insured’s complaint failed to plead that its losses had resulted directly from forgery or alteration of an “instrument”, which the bond in issue defined as an “original … document of title”.

The Facts

Hudson Heritage Federal Credit Union (“HHFCU”) is a credit union with several branches in New York State.  HHFCU alleged that, between April and July 2016, it was the victim of three separate fraudulent schemes related to loans for the purchase of automobiles.  In each instance, a member of HHFCU applied for a loan to purchase an automobile using a falsified DMV title document, which misrepresented the owner/seller of the automobile to be purchased with the loaned funds.

By its own admission, HHFCU received and relied on photocopies or electronic versions of the falsified titles, rather than originals.  HHFCU contended that this was consistent with “[t]he custom and practice in the financial industry.”

HHFCU learned of the schemes when the underlying loans went into default.  HHFCU alleged it suffered losses of $134,879 as a result of the fraudulent schemes.

The CUMIS Coverage

HHFCU submitted a claim to CUMIS.  The bond provided that CUMIS would “pay [HHFCU] for [its] loss resulting directly from the ‘forgery’ or alteration of an ‘instrument.’”  In the CUMIS bond, “instrument” was defined as an “original … document of title”.

CUMIS denied the claim on the basis that HHFCU had not demonstrated alteration of original DMV title instruments.  HHFCU commenced an action, and CUMIS moved to dismiss the claim.  HHFCU resisted the motion on the basis that, while it did not receive altered originals, its “information and belief” was that the members who perpetrated the alleged fraud were the same people who altered the original DMV title instruments.

Applying the “plausibility” standard applicable to Rule 12(b)(6) motions, the Court rejected this contention:

Here, HHFCU admits it received only photocopies or electronic versions of the falsified titles  …  However, the bond defines “instrument” as an “original” document.  To reconcile this apparent conflict, HHFCU alleges “[u]pon information and belief, the Loan Fraud members altered original DMV instruments in order to procure the loans.”  However, this allegation is not supported by any facts alleged in the complaint and it is inconsistent with common sense.  As a result, HHFCU’s claim that originals were altered is implausible on its face.

The Court continued:

In particular, the amended complaint is devoid of any allegations suggesting how the individuals involved in the automobile loan frauds would have obtained the original DMV titles, and there is no alleged connection between the fraudsters and the actual owners of the automobiles in question.  …  Under these circumstances, HHFCU improperly alleged “upon information and belief” that originals were altered.  …

 The defect of the amended complaint is that it fails plausibly to allege an “instrument” — as defined by the policy as an “original” document — was altered.

As a result, the Court granted the motion and dismissed HHFCU’s claim for coverage.

Conclusion

Hudson Heritage Federal Credit Union provides an example of a court affirming that the bond’s requirement of an “original” document means just that an original document, as opposed to a photocopy or an electronic copy.  The Court observed that, while HHFCU had contended that several words in the bond were ambiguous, the word “original” was not one of them.

Hudson Heritage Federal Credit Union v. CUMIS Insurance Society, Inc., 2018 WL 557900 (S.D.N.Y.)

Leave a comment

Filed under Forgery

Cooper Industries: Fifth Circuit applies Crime Policy’s Ownership Condition in finding No Coverage for Loss of Funds in Ponzi Scheme

By David S. Wilson and Chris McKibbin

On November 20, 2017, the Fifth Circuit Court of Appeals released its decision in Cooper Industries, Limited v. National Union Fire Insurance Company of Pittsburgh, PA.  The Court applied a crime policy’s ownership condition in ruling that the insured did not have coverage for the loss of funds incurred when an investment entity to which it had provided funds in exchange for promissory notes collapsed due to the entity’s principals’ Ponzi scheme.

The dispute arose out of the same Ponzi scheme that gave rise to the decision of the Eighth Circuit in 3M Company v. National Union Fire Insurance Company of Pittsburgh, PA (see our June 13, 2017 post).  Although there are important factual distinctions between the two losses, the Fifth Circuit reached the same conclusion as the Eighth Circuit in finding that the insured had not demonstrated that it owned the property in issue.

The Facts

Cooper Industries, Ltd. (“Cooper”) was a publicly-traded electrical equipment supplier.  Cooper provided its employees with a pension plan, which was managed by Cooper’s Pension Investment Committee (the “Committee”).  The Committee divided the plan assets into two funds: a bond fund and an equity fund.

In 2004, Cooper began dealing with the principals of WG Trading Company LP (“WGTC”) in respect of investing the benefit plan assets.  The principals of WGTC had another entity, WG Trading Investors, LP (“WGTI”), which was a limited partner in WGTC.  WGTC was a regulated and audited entity, whereas WGTI was not.  The Committee invested approximately $175 million from both its equity and bond funds with the WG entities.  Some of the funds were provided to WGTI in exchange for promissory notes.

Unbeknownst to Cooper, the principals of WGTC and WGTI were running a Ponzi scheme and, over the course of several years, diverted over $130 million from WGTI for their personal use.  The Court noted that, during the course of the fraud, one of the principals spent over $3 million to amass a collection of 1,348 teddy bears, and another $32 million on a hunter pony farm.

In February 2009, the SEC and the CFTC initiated an enforcement action against the WG entities and the principals, and obtained receivership orders.  The receiver had considerable success in recovering assets (including liquidating the teddy bears).  As of the time of the Court’s decision, Cooper had recovered all of its equity fund principal, and all but $1.1 million of its bond fund principal from WGTI.

The Ownership Condition

Cooper claimed under its crime coverage with National Union in respect of the loss.  The policy’s ownership condition provided that:

The property covered under this policy is limited to property:

 (1) That you own or lease; or

 (2) That you hold for others whether or not you are legally liable for the loss of such property.

Before both the District Court and the Fifth Circuit, Cooper maintained that it “owned” the funds in issue, on the basis that it had a beneficial interest in the funds and that the term “own” should encompass both legal and equitable ownership.

Like the District Court before it, the Fifth Circuit rejected Cooper’s contention:

The Policy clearly does not use “own” in such a broad sense.  …  Cooper did not “own” the principal and earnings in the way most people would use that word. It loaned money to WGTI in exchange for promissory notes.  When it made that loan, it gave up possession and control of the funds.  Rather, it “owned” the notes, and the [WG] Entities “owned” the funds.  …  Cooper has cited no case where a Texas court has held that a party continues to “own” funds it was fraudulently induced to loan to someone else.  [emphasis added]

The Fifth Circuit also rejected Cooper’s attempts to rely on case law from other areas to expand the meaning of the term “own” in the policy:

Courts have recognized that “own” can vary with the context.  However, in insurance disputes, courts have generally used the common, everyday definition of the word “own.”  …  Cooper also touts the cases it has identified in a number of other legal contexts — criminal, tax, trust, forfeiture, and takings laws — that recognize that the common meaning of “own” includes equitable ownership.  That entirely misses the point.  Just because courts have interpreted “own” in certain legal contexts to include equitable ownership does not mean that equitable ownership has been imported into the common definition of “own” as a result.  [emphasis added; citations omitted]

The Court also rejected Cooper’s efforts to distinguish the 3M decision:

The Eighth Circuit has likewise held that another victim of Greenwood and Walsh’s fraud did not “own” funds invested through WGTC.  …  Cooper attempts to distinguish 3M because the insured did not argue that “own” included equitable ownership.  We have already rejected that argument and, in doing so, interpret Cooper’s policy not to cover property no longer in the insured’s possession but given over to the [WG] Entities, much as the Eighth Circuit interpreted 3M’s policy.  Adopting Cooper’s position would result in inconsistent interpretations of similar policy provisions — a result we strive to avoid.

As a consequence, Cooper could not establish that it “owned” the funds in issue.

Conclusion

Like 3M and the recent decision of the U.S. District Court for the District of New Jersey in Posco Daewoo (see our November 6, 2017 post), Cooper Industries provides another example of a court applying the ownership condition using the accepted meaning of legal ownership, and rejecting an attempt to unduly broaden the scope of the condition.  While the structure of Cooper’s investments in the WG entities was significantly different from the structure of the investment in issue in 3M, the courts reached the same result.  In each case, the court applied the ownership condition by reference to the concept of legal ownership only, to conclude that neither arrangement satisfied the ownership condition.

Cooper Industries, Limited v. National Union Fire Insurance Company of Pittsburgh, PA, 2017 WL 5562300 (5th Cir.)

Leave a comment

Filed under Ownership

Posco Daewoo: U.S. District Court rejects Creditor’s “Reverse” Social Engineering Fraud Claim under its own Crime Policy

By David S. Wilson and Chris McKibbin

On October 31, 2017, the U.S. District Court for the District of New Jersey released its decision in Posco Daewoo America Corp. v. Allnex USA, Inc. and Travelers Casualty and Surety Company of America. This case features an interesting twist on the usual social engineering fraud claim scenario, in that it was the intended payee of the funds, not the payor, which asserted a claim under its own crime policy for recovery of funds which the payor had been duped into paying to an impostor. This type of claim has been referred to as a “reverse” social engineering fraud claim. Numerous such claims have been advanced by intended payees recently, typically when it comes to light that the payor did not maintain its own social engineering fraud coverage.

The Court applied traditional concepts of ownership in finding that the intended payee did not “own” the funds at any time, and thus could not establish that its claim met the ownership condition in its policy.

The Facts

Posco Daewoo America (“Daewoo”) is an importer and exporter of chemicals. Allnex USA (“Allnex”) is a vendor of specialty chemicals, and was a customer of Daewoo. Daewoo supplied Allnex with product for which Allnex owed payment. In early 2016, an impostor posing as an employee of Daewoo’s accounts receivable department sent emails to an employee of Allnex, requesting that payments to Daewoo on certain outstanding receivables be remitted to “new” Wells Fargo accounts.

Allnex paid $630,058 into the Wells Fargo accounts. By the time that the fraud was discovered, $367,613 had been transferred from the Wells Fargo accounts to accounts overseas. Daewoo never had possession of any of the funds owed to it by Allnex at any time.

The Travelers Coverage

Daewoo maintained a Wrap+ policy with Travelers. Daewoo submitted a claim to Travelers under its Computer Fraud coverage, asserting that the impostor’s emails to Allnex, coupled with Allnex’s transfers to the Wells Fargo accounts, constituted a Computer Fraud loss to Daewoo.

Travelers moved to dismiss the action pursuant to Fed. R. Civ. P. 12(b)(6) for failure to state a claim upon which relief could be granted. While Travelers took the position that the substantive elements of the Computer Fraud coverage had not been established, Travelers also pointed out a more fundamental concern with the claim – Daewoo had not satisfied the ownership condition in the policy. This condition provided as follows:

Ownership of Property; Interests Covered

 The property covered under this Crime Policy … is limited to property:

 i. that the Insured owns or leases;

ii.  that the Insured holds for others:

     (a) on the Insured’s Premises or the Insured’s Financial Institution Premises; or

     (b) while in transit and in the care and custody of a Messenger; or

 iii. for which the Insured is legally liable, except for property located inside the Insured’s Client’s Premises or the Insured’s Client’s Financial Institution Premises.

Travelers took the view that, while Daewoo was undoubtedly owed money by Allnex, Daewoo never actually held the funds, nor had Daewoo been legally liable for them, nor had Daewoo owned the funds.

The Court agreed. In the Court’s view, Daewoo’s failure to meet the ownership condition was dispositive. Until such time as funds were actually transferred to Daewoo, Daewoo had, at most, a receivable and a chose in action (i.e., a right to sue) in the event that it was not paid. This was insufficient for the purposes of the ownership condition:

[Daewoo] has not plausibly pled sufficient facts for the Court to find that it rightfully … possessed or had legal title to the money Allnex transferred into the Wells Fargo accounts. [Daewoo]’s strongest claim to owning that money stems from Allnex’s intention. The parties do not dispute that Allnex intended [Daewoo] to receive the wired money as payment for a debt.   However, a party’s intention of transferring legal title does not equate to an actual transfer of legal title without more. …

 The Court agrees with Travelers that before Daewoo actually received the monies due, Daewoo owned a receivable, or a right to payment, as well as a potential cause of action for payment if it was not made. … In other words, Daewoo did “own” something of value, but it was not the cash in the Wells Fargo accounts. It owned a receivable and a potential cause of action if Allnex did not pay. [emphasis added]

As a result, the Court granted the motion.

Conclusion

Posco Daewoo represents a straightforward application of the ownership condition to a claim that was anything but straightforward. The Court’s analysis reaffirms the fundamental coverage requirement that an insured must own, hold or have antecedent legal liability for the property which forms the subject of a claim.

The Court’s decision provides helpful guidance to fidelity claims professionals in clarifying the distinction between funds which meet the ownership condition, and funds in respect of which the insured has only a right as creditor. The Court effectively rejected the notion that Daewoo’s status as creditor made it a “constructive” owner of the funds in Allnex’s possession. Fidelity insurers occasionally face creative arguments concerning “constructive” ownership, and Posco Daewoo is an example of a court rejecting such arguments.

The decision also reinforces the importance of social engineering fraud coverage – in this case, for companies in the position of Allnex. Although it is not clear from the Court’s reasons, one surmises that Allnex did not maintain social engineering fraud coverage, which might have responded to the loss in issue here. Given the increasing frequency of vendor impersonation and other social engineering fraud losses, insureds would be well-advised to consult with their brokers about the risks that social engineering fraud poses to their business, and the availability of social engineering fraud coverage.

Posco Daewoo America Corp. v. Allnex USA, Inc. and Travelers Casualty and Surety Company of America, 2017 WL 4922014 (D.N.J.)

Leave a comment

Filed under Ownership, Social Engineering Fraud

Teva: Supreme Court of Canada rejects Fictitious or Non-Existing Payee Defence in finding Collecting Banks Liable for Employee Cheque Fraud

By David S. Wilson and Chris McKibbin

On October 27, 2017 the Supreme Court of Canada released its long-awaited decision in Teva Canada Ltd. v. TD Canada Trust. In a 5:4 decision, the Supreme Court held that two banks that accepted fraudulent cheques procured by a dishonest employee were strictly liable in conversion to the employer, and could not establish the “fictitious or non-existing payee” defence afforded by subsection 20(5) of the Bills of Exchange Act.

The decision is a welcome development for Canadian fidelity insurers who seek to subrogate against banks in respect of certain types of employee cheque frauds. The Supreme Court reversed the decision of the Court of Appeal for Ontario, which had found that the payees were either fictitious or non-existing. The Supreme Court’s decision places fidelity insurers in an excellent position to look to banks as subrogation targets in appropriate circumstances.

The Facts

Teva Canada Limited (“Teva”) is a pharmaceutical company. McConachie was Teva’s Finance Manager. McConachie implemented a fraudulent scheme whereby he prepared false cheque requisition forms for business entities with names that were similar or identical to those of Teva’s real customers. Based on McConachie’s fraudulent forms, Teva’s accounts payable department issued the cheques and mechanically applied the requisite signatures.

The fraudulent cheques were made payable to payees with six different names. Two of those names, PCE Pharmacare and Pharma Team System, resembled the names of existing entities to whom no debt was owed: PCE Management Inc. and Pharma Systems. The four other names (Pharmachoice, London Drugs, Pharma Ed Advantage Inc. and Medical Pharmacies Group) were legitimate entities to whom no debt was owed.

McConachie registered the business names as sole proprietorships and opened bank accounts at several banks, including the Bank of Nova Scotia and TD Canada Trust (the “collecting banks”). He then deposited 63 fraudulent cheques totalling $5,483,249 into these accounts and eventually removed the funds.

After discovering McConachie’s fraud and terminating him, Teva sued the collecting banks in conversion.

The Tort of Conversion and the Bills of Exchange Act

A collecting bank is prima facie liable in conversion where it transfers funds to an improper recipient, unless a statutory defence succeeds. As conversion is a strict liability tort, the bank’s negligence, or lack thereof, is irrelevant; any alleged contributory negligence on the part of the drawer is also irrelevant.

Here, Teva was the drawer of the cheques. The cheques were improperly obtained by McConachie and deposited to accounts held by him with the collecting banks. The collecting banks thereby dealt with the cheques under the direction of one not authorized, and made the proceeds available to someone other than the person rightfully entitled to possession. The collecting banks were therefore strictly liable to Teva in conversion, and would have to compensate Teva unless they could establish a statutory defence.

Before the Supreme Court, the collecting banks relied on the “fictitious payee” defence afforded by subsection 20(5) of the Bills of Exchange Act, which provides that:

Where the payee is a fictitious or non-existing person, the bill may be treated as payable to bearer.

This statutory defence renders a cheque payable to bearer, such that mere delivery, without endorsement, effects negotiation (the cheque would otherwise be payable to order, and would require an endorsement for negotiation).

The issue then became whether the payees were fictitious or non-existing. This analysis involves a two-step framework. The first step, which the majority characterized as the subjective fictitious payee inquiry, asks whether the drawer intended to pay the payee. If the collecting bank demonstrates that the drawer lacked such intent, then the payee is fictitious, the analysis ends and the bank’s defence succeeds. It is crucial to note, however, that “drawer intent” does not mean a specific intention to pay a payee in respect of any particular cheque; rather, the drawer’s intent to pay is presumed, unless the bank demonstrates otherwise.

If the bank does not prove that the drawer lacked such intent, then the payee is not fictitious, and the analysis proceeds to step two. This second step, which the majority characterized as the objective non-existing payee inquiry, asks whether the payee is either (1) a legitimate payee of the drawer; or (2) a payee who could reasonably be mistaken for a legitimate payee of the drawer. If neither of these is satisfied, then the payee does not exist, and the bank’s defence succeeds. If either is satisfied, then the payee exists, and the bank is liable.

The Act does not define the terms fictitious or non-existing, and it has been left to the courts to provide guidance. Canadian courts have generally followed the analytical framework provided by Falconbridge, which the majority quoted in full:

In the case of a bill drawn by [the drawer] upon [the drawee] payable to [the payee], the payee may or may not be fictitious or non-existing according to the circumstances:

 (1) If [the payee] is not the name of any real person known to [the drawer], but is merely that of a creature of the imagination, the payee is non-existing and is probably also fictitious.

 (2) If [the drawer] for some purpose of his own inserts as payee the name of [the payee], a real person who was known to him but whom he knows to be dead, the payee is non-existing, but is not fictitious.

 (3) If [the payee] is the name of a real person known to [the drawer], but [the drawer] names him as payee by way of pretence, not intending that he should receive payment, the payee is fictitious, but is not non-existing.

 (4) If [the payee] is the name of a real person, intended by [the drawer] to receive payment, the payee is neither fictitious nor non-existing, notwithstanding that [the drawer] has been induced to draw the bill by the fraud of some other person who has falsely represented to [the drawer] that there is a transaction in respect of which [the payee] is entitled to the sum mentioned in the bill. [emphasis added]

The Supreme Court’s 1996 Boma decision modified the approach to non-existing payees slightly by finding that the payee was not non-existing in cases where the drawer could reasonably have mistaken a payee for a payee with an established relationship with the drawer. This involves an objective assessment. As a result, according to Boma, a payee will be non-existing when the payee lacks an established relationship with the drawer, unless the drawer could reasonably have mistaken the payee to be one with such a relationship.

Boma’s narrowing of the ambit of non-existing payees becomes extremely significant where the fraudster has, as part of the fraud, caused his employer to issue cheques payable to an entity which has a name similar to, but not the same as, an existing creditor of the employer. It is not uncommon for a fraudster to set up a similarly-named entity to receive cheques, as the similar name deceives the employer and helps to conceal the fraud.

Where there is evidence that objectively establishes such a similarity, the bank’s reliance on the defence can be defeated and the bank will be liable. In Boma, for example, cheques payable to “J. Lam” and “J.R. Lam” were found to be sufficiently similar to the name of a legitimate subcontractor, Van Sang Lam, to allow the Court to conclude that an intention to pay should be attributed. Thus, although “J. Lam” and “J.R. Lam” did not exist in reality, they were nevertheless not “non-existing” for the purposes of subsection 20(5), and the bank was liable.

Here, McConachie used the names of four actual entities that had dealings with Teva, and two entities that did not technically exist, but whose names were similar to entities with which Teva had legitimate dealings.

Applying the principles to the case at bar, the majority held that:

Though only four of the names used were those of existing customers, the other two names used were very similar to names of Teva’s real customers. The motions judge found that there was “a rational basis for concluding that cheques were apparently made payable to existing clients”, and that “the payees could plausibly be understood to be real entities and customers of the plaintiffs”. As a result, the payees were not fictitious or non-existing.

Consequently, the collecting banks were liable to Teva.

Conclusion

Teva is a very significant decision for fidelity subrogation professionals, as fidelity insurers are now better-positioned to look to banks as subrogation targets in certain types of cheque losses. Where a dishonest employee has defrauded his employer through a cheque scam, it is imperative that the fidelity subrogation professional consider potential bank liability. This requires careful analysis, particularly with respect to whether the payee name is “sufficiently similar” to an existing entity with which the insured had legitimate prior dealings. Where the analysis demonstrates that a bank’s reliance on subsection 20(5) of the Act is unfounded, a subrogating fidelity insurer may be able to obtain a significant recovery.

Teva Canada Ltd. v. TD Canada Trust, 2017 SCC 51

Leave a comment

Filed under Bills of Exchange Act (Canada), Employee Theft, Forgery, Subrogation

Fidelity Law Association / ABA Fidelity & Surety Law Committee Conference – Boston, November 8-10, 2017

Blaneys partners David Wilson and Chris McKibbin will attend the joint FLA/ABA FSLC Conference. The FLA Conference on November 8 will focus on contemporary fidelity insurance issues, including social engineering fraud claims, knowledge of prior dishonesty, rescission, forensic investigations and communications with claimants and witnesses. The curriculum is designed for fidelity claims professionals, underwriters and lawyers. Chris will moderate the panel entitled The Future Ain’t What It Used To Be: Challenges Facing Fidelity and Commercial Crime Insurers in the 2020s. This panel addresses developing fidelity risks and exposures such as social engineering fraud, ransomware and Bitcoin and other cryptocurrencies.

  • To register, or for more information, click here.
  • A copy of the conference brochure may be accessed here.

The ABA FSLC Fall Meeting on November 9-10 is entitled “Managing and Litigating the Complex Fidelity Claim.” The program is designed as a workshop that will help fidelity claims professionals and lawyers gather useful practical tips to employ in claims handling. The program will feature a number of panel discussions on topics such as effective communications with insureds, discoverability of insurance company documents, ethics considerations, confidentiality agreements and litigation strategies. Chris will participate in the panel entitled Criminal Prosecution of the Accused, which considers how the fidelity claim investigation is affected by parallel criminal investigation and prosecution.

  • To register, or for more information, click here.
  • A copy of the conference brochure may be accessed here.

Leave a comment

Filed under Employee Theft, Social Engineering Fraud

American Tooling Center: U.S. District Court finds no Coverage for Social Engineering Fraud Loss under Crime Policy’s Computer Fraud Insuring Agreement

By David S. Wilson, Chris McKibbin and Stuart M. Woody

On August 1, 2017, the U.S. District Court for the Eastern District of Michigan released its decision in American Tooling Center, Inc. v. Travelers Casualty and Surety Company of America. The Court held that a vendor impersonation fraud loss did not fall within the terms of a crime policy’s computer fraud coverage. In coming to this conclusion, the Court found there was no direct causal link between the receipt of fraudulent emails by an insured requesting payment to the fraudster’s bank account, and the insured’s authorized transfer of funds to that bank account.

The Facts

American Tooling Center (“ATC”) is a tool and die manufacturer that outsources some of its work to third-party vendors. One of its legitimate third-party vendors is Shanghai YiFeng Automotive Die Manufacture Co., Ltd. (“YiFeng”). ATC typically sends payment to YiFeng at the completion of various production milestones.

ATC fell victim to a vendor impersonation fraud, which is one of the most common forms of social engineering fraud. On March 18, 2015, ATC’s Vice-President and Treasurer received an email purportedly sent by YiFeng requesting payment to a new bank account. The email in question was sent from the domain name “@yifeng-rnould.com”, which resembled the legitimate domain name “@yifeng-mould.com”. ATC’s Vice-President and Treasurer verified that the applicable production milestones were satisfied, but did not verify the new banking information before wiring approximately $800,000 to the new bank account. When it came to light that YiFeng had never been paid the amounts it was owed, ATC submitted a claim to Travelers.

The Computer Fraud Coverage

ATC’s policy with Travelers provided coverage for:

… the Insured’s direct loss of, or direct loss from damage to, Money, Securities and Other Property directly caused by Computer Fraud.

The Travelers policy defined “Computer Fraud” as:

The use of any computer to fraudulently cause a transfer of Money, Securities or Other Property from inside the Premises or Financial Institution Premises:

1. to a person (other than a Messenger) outside the Premises or Financial Institution Premises; or

2. to a place outside the Premises or Financial Institution Premises.

Travelers took the view that, given the intervening events between the receipt of the fraudulent emails and the authorized transfer of funds, ATC had not suffered a direct loss directly caused by the use of any computer.

The Court agreed, observing that:

the fraudulent emails did not “directly” or immediately cause the transfer of funds from ATC’s bank account. Rather, intervening events between ATC’s receipt of the fraudulent emails and the transfer of funds (ATC verified production milestones, authorized the transfer, and initiated the transfer without verifying bank account information) preclude a finding of “direct” loss “directly caused” by the use of any computer.

The Court relied upon the Fifth Circuit’s recent Apache decision (see our October 24, 2016 post), making specific reference to that court’s observation that:

To interpret the computer-fraud provision as reaching any fraudulent scheme in which an email communication was part of the process would … convert the computer-fraud provision to one for general fraud.

The Court then considered other recent computer fraud decisions, such as Pestmaster (see our August 4, 2016 post) and InComm (see our March 22, 2017 post). Applying the principles from these decisions to the case at bar, the Court concluded:

Although fraudulent emails were used to impersonate a vendor and dupe ATC into making a transfer of funds, such emails do not constitute the “use of any computer to fraudulently cause a transfer.” There was no infiltration or “hacking” of ATC’s computer system. The emails themselves did not directly cause the transfer of funds; rather, ATC authorized the transfer based upon the information received in the emails. The Ninth Circuit [in Pestmaster] has interpreted the phrase “fraudulently cause a transfer” to “require the unauthorized transfer of funds.”[:] “Because computers are used in almost every business transaction, reading this provision to cover all transfers that involve both a computer and fraud at some point in the transaction would convert this Crime Policy into a ‘General Fraud’ Policy.” See also Incomm … (noting that “courts repeatedly have denied coverage under similar computer fraud provisions, except in cases of hacking where a computer is used to cause another computer to make an unauthorized, direct transfer of property or money”). [emphasis added]

The Court granted summary judgment in favour of Travelers.

Conclusion

 American Tooling Center represents another decision in a growing line of jurisprudence which holds that there is no coverage for vendor impersonation and other social engineering fraud losses under traditional commercial crime coverages. The insurance industry has responded by introducing social engineering fraud-specific coverage, which allows insureds to obtain coverage for certain types of losses that fall outside the coverage provided under traditional policy wordings.

Given the increasing frequency of vendor impersonation and other social engineering fraud losses, insureds would be well-advised to consult with their brokers and insurers about the risks that social engineering fraud poses to their business, and the availability of social engineering fraud-specific coverage.

American Tooling Center, Inc. v. Travelers Casualty & Surety Company of America, 2017 WL 3263356 (E.D. Mich.)

Leave a comment

Filed under Computer Fraud, Direct Loss, Social Engineering Fraud